Skip to content
The Nexus
DossierENTITY

CISA

Coverage of CISA in the Nexus archive.

Earliest in view: May 19 · 07:45 UTCMost recent: Jul 8 · 09:58 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJul 8 · 09:58 UTCBLEEPING COMPUTER
    CISA orders feds to prioritize patching Langflow auth bypass flaw

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to patch an actively exploited vulnerability in the Langflow visual framework for building AI agents, setting a deadline of Friday.

  • SECURITYJul 8 · 05:33 UTCTHE HACKER NEWS
    CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV

    CISA added four actively exploited vulnerabilities to its KEV catalog, including a critical path traversal flaw in Adobe ColdFusion (CVE-2026-48282) that could enable arbitrary code execution. The other flaws affect Joomla and Langflow, with all vulnerabilities being actively exploited.

  • TECHNOLOGYJul 7 · 12:10 UTCMIT TECHNOLOGY REVIEW
    The Download: your stake in OpenAI, and the Treasury’s AI warning

    Sam Altman proposes a 5% government stake in OpenAI, offering $320 per household. The US Treasury compares the AI market to the dotcom bubble, while Samsung reports record profits from AI chips and Illinois enacts a strong frontier AI law.

  • SECURITYJul 2 · 05:46 UTCTHE HACKER NEWS
    SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation

    CISA added a high-severity remote code execution vulnerability (CVE-2026-45659) in Microsoft SharePoint Server to its Known Exploited Vulnerabilities catalog due to active exploitation. The flaw, rated with a CVSS score of 8.8, stems from deserialization of untrusted data.

  • SECURITYJun 30 · 21:46 UTCCYBERSCOOP
    Citrix patches a new NetScaler flaw with echoes of CitrixBleed

    Citrix disclosed six vulnerabilities in NetScaler ADC and Gateway, including a high-severity memory disclosure flaw (CVE-2026-8451) linked to the CitrixBleed vulnerability class. Researchers at watchTowr and others identified the flaws, which involve memory management issues and require patching and configuration adjustments to mitigate risks.

  • SECURITYJun 30 · 08:53 UTCBLEEPING COMPUTER
    CISA: Windows BlueHammer flaw now exploited by ransomware gangs

    CISA confirmed that ransomware gangs are exploiting a Microsoft Defender privilege escalation vulnerability named BlueHammer, which was previously used in zero-day attacks. The flaw allows attackers to escalate privileges, potentially leading to system compromises.

  • SECURITYJun 26 · 22:06 UTCBLEEPING COMPUTER
    FBI: Russian hackers now target Signal backup recovery keys

    The FBI and CISA warn that Russian intelligence-linked hackers are targeting Signal users through a phishing campaign to steal Backup Recovery Keys, enabling access to historical messages. The campaign has evolved to focus on these keys, which are critical for securing Signal backups.

  • SECURITYJun 26 · 19:43 UTCBLEEPING COMPUTER
    CISA sets urgent deadline to fix Cisco flaw exploited in attacks

    CISA has issued an urgent deadline for federal agencies to patch a vulnerability in Cisco Unified Communications Manager Server that is currently being exploited in attacks.

  • SECURITYJun 26 · 19:38 UTCTHE HACKER NEWS
    FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys

    The FBI and CISA have updated their warning about Russian hackers phishing Signal accounts to obtain backup recovery keys, allowing attackers to access message history and take over accounts. The keys remain valid indefinitely once compromised.

  • SECURITYJun 25 · 18:47 UTCRECORDED FUTURE NEWS
    DHS chief says president has met with potential CISA nominee; agency plans to hire 600

    Homeland Security Secretary Markwayne Mullin stated that the president has met with a potential nominee for the CISA director position. The agency plans to hire 600 additional staff once a new director is confirmed. The White House has not yet announced the nominee.

  • SECURITYJun 25 · 09:00 UTCCYBERSCOOP
    Why patch directives only go so far

    CISA issued an emergency directive for CVE-2026-50751, a critical authentication bypass vulnerability in Check Point Remote Access VPN, after exploitation began in May. Qilin ransomware affiliates exploited the flaw to breach organizations globally, using techniques like Rclone and Tox protocol for data exfiltration and command-and-control. The vulnerability highlights structural flaws in perimeter-dependent security architectures, where compromised security devices inherit trusted authority.

  • SECURITYJun 24 · 09:00 UTCCYBERSCOOP
    Open-source security is posing challenges governments can’t easily solve

    An increase in cyberattacks on open-source software highlights challenges in securing publicly available code, with experts citing underinvestment and maintenance issues. Governments under different administrations have had mixed impacts, while companies also face criticism for insufficient responsibility. Project Glasswing identified thousands of vulnerabilities in open-source projects, but only a small fraction have been patched.

  • SECURITYJun 23 · 21:48 UTCCBS NEWS
    Former CISA Director Chris Krebs calls intelligence community's AI warning "pretty alarming"

    An international alliance warns that advanced artificial intelligence models could soon overwhelm cybersecurity systems for governments and businesses. Chris Krebs provides analysis on the issue.

  • SECURITYJun 22 · 15:25 UTCCYBERSCOOP
    Intel agencies: Frontier AI models will reshape cybersecurity faster than expected

    Intelligence agencies from the Five Eyes alliance (US, Canada, UK, Australia, New Zealand) warn that advanced AI models capable of significantly impacting cybersecurity are months away from public availability. These models, including Anthropic's Fable 5 and OpenAI's Daybreak, could transform offensive and defensive cyber capabilities rapidly, exploiting weaknesses like legacy systems and slow patching. The agencies emphasize that older AI models and open-source variants already pose risks, with newer models quickly becoming accessible as development accelerates.

  • SECURITYJun 19 · 10:39 UTCBLEEPING COMPUTER
    CISA: Splunk Enterprise flaw actively exploited, patch by Sunday

    CISA has urged U.S. federal agencies to secure their systems by Sunday against a critical Splunk Enterprise vulnerability that is being exploited in attacks.

  • SECURITYJun 19 · 06:47 UTCBLEEPING COMPUTER
    CISA warns Fortinet users to secure devices after FortiBleed leak

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned Fortinet users to secure their devices following the 'FortiBleed' data leak, which exposed nearly 74,000 firewall and VPN credentials. The incident highlights the need for immediate action to protect affected systems.

  • SECURITYJun 17 · 10:30 UTCRECORDED FUTURE NEWS
    Warner warns of CISA cuts, staffing gaps in letter to acting chief

    Warner warned of potential cuts and staffing gaps at CISA in a letter to DHS Secretary Markwayne Mullin, urging the Department of Homeland Security to prioritize the agency and fund the MS-ISAC.

  • SECURITYJun 16 · 05:41 UTCTHE HACKER NEWS
    CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

    CISA added a vulnerability in LiteSpeed cPanel Plugin to its KEV catalog, requiring FCEB agencies to fix it by June 18, 2026. The flaw, CVE-2026-54420 (CVSS score 8.5), involves privilege escalation exploited for root access.

  • SECURITYJun 10 · 19:53 UTCRECORDED FUTURE NEWS
    CISA to require federal agencies to patch some cyber vulnerabilities within 3 days

    CISA is requiring federal agencies to patch certain cyber vulnerabilities within 3 days. Agencies have 180 days to adopt the new patching timeframe under a directive released Wednesday.

  • SECURITYJun 10 · 16:07 UTCCYBERSCOOP
    CISA directive orders agencies to prioritize vulnerability patching in a new way

    CISA ordered federal agencies to prioritize vulnerability patching based on four criteria, including public exposure and automation potential. Agencies must adhere to timelines for remediation, with urgent fixes required for vulnerabilities meeting all four criteria. The directive aims to address AI-driven increases in vulnerability discovery and exploitation.

  • SECURITYJun 9 · 18:50 UTCRECORDED FUTURE NEWS
    CISA to transform how it assesses cyber vulnerabilities and risks, Andersen says

    CISA will issue a binding operational directive requiring federal agencies to alter their approach to addressing cyber vulnerabilities by prioritizing some and deprioritizing others. The directive aims to transform how cyber risks are assessed.

  • SECURITYJun 9 · 16:27 UTCCYBERSCOOP
    CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector

    CISA is rethinking risk prioritization for federal and private sectors under acting director Nick Andersen, introducing a binding operational directive for federal agencies. The directive emphasizes risk-based vulnerability management, focusing on internet-exposed assets and CISA's Known Exploited Vulnerabilities (KEV) list, while acknowledging past concepts like Section 9 designations as ineffective.

  • SECURITYJun 9 · 08:18 UTCBLEEPING COMPUTER
    CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day

    CISA has mandated U.S. government agencies to address a critical vulnerability in Check Point Remote Access VPN and Mobile Access deployments, which is being exploited as a zero-day by Qilin ransomware affiliates. The directive requires agencies to secure these systems within three days to mitigate the risk of exploitation.

  • SECURITYJun 7 · 16:39 UTCCBS NEWS
    Anthropic adviser says it's "not hypothetical" that AI could abet biological weapons risk

    Anthropic adviser Ben Buchanan and CBS News contributor Chris Krebs discussed AI regulation and the risk of AI enabling biological weapons during a segment on 'Face the Nation with Margaret Brennan.' The conversation focused on whether the government should regulate AI and the potential dangers of unaddressed AI advancements.

  • SECURITYJun 6 · 08:14 UTCTHE HACKER NEWS
    CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog

    CISA has added a high-severity denial-of-service vulnerability in SolarWinds Serv-U to its KEV catalog, citing active exploitation. The flaw, CVE-2026-28318 with a CVSS score of 7.5, causes the service to crash.

  • SECURITYJun 5 · 19:15 UTCBLEEPING COMPUTER
    CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers

    CISA warned that hackers are actively exploiting a high-severity SolarWinds Serv-U flaw to crash servers. The vulnerability, recently patched, is being used by attackers to disrupt server operations.

  • SECURITYJun 4 · 15:05 UTCRECORDED FUTURE NEWS
    CISA directive for AI executive order to be released this week, Andersen says

    CISA is set to release a binding operational directive related to an AI executive order this week, according to Andersen. The directive will emphasize vulnerability alleviation and management, as stated during Andersen's remarks at the TechNet Cyber conference in Baltimore.

  • SECURITYJun 4 · 07:19 UTCTHE HACKER NEWS
    CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog

    CISA added a critical remote code execution (RCE) vulnerability in Mirasvit Cache Warmer, a Magento extension, to its KEV catalog due to active exploitation. The flaw, CVE-2026-45247 with a CVSS score of 9.8, involves deserialization of untrusted data.

  • SECURITYJun 3 · 20:21 UTCBLEEPING COMPUTER
    CISA warns of cyberattacks targeting fuel tank monitoring systems

    CISA, the FBI, the NSA, the Department of Energy, and other US government partners are warning that hackers are targeting internet-exposed automatic tank gauge (ATG) systems used to monitor fuel and liquid storage tanks across various critical infrastructure sectors.

  • SECURITYJun 3 · 19:07 UTCRECORDED FUTURE NEWS
    DHS chief signals efforts to reshape CISA

    DHS chief signals efforts to reshape CISA. Mullin stated CISA needs around 2,800 employees despite a hiring cap of 3,400.

  • SECURITYJun 2 · 12:40 UTCBLEEPING COMPUTER
    CISA flags two-year-old Oracle flaw as actively exploited in attacks

    CISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now actively exploited in attacks.

  • SECURITYJun 1 · 12:15 UTCTHE REGISTER
    Palo Alto VPN bug graduates from advisory to active exploitation

    Palo Alto Networks disclosed a critical security flaw, CVE-2026-0257, in PAN-OS GlobalProtect that allows attackers to bypass authentication and gain unauthorized VPN access. Researchers at Rapid7 confirmed active exploitation since May 17, prompting Palo Alto to elevate the severity rating and CISA to add it to its exploited vulnerabilities catalog with a June 1 patch deadline.

  • SECURITYMay 26 · 08:46 UTCBLEEPING COMPUTER
    CISA orders feds to patch actively exploited Drupal vulnerability

    CISA has directed U.S. federal agencies to patch an SQL injection vulnerability in the Drupal CMS by Wednesday evening, as it is currently being actively exploited. The order emphasizes urgent action to secure government servers against potential attacks.

  • SECURITYMay 23 · 07:23 UTCTHE HACKER NEWS
    Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

    CISA has added a critical SQL injection vulnerability (CVE-2026-9082) in Drupal Core to its KEV catalog due to active exploitation. The flaw affects all supported versions of Drupal Core and carries a CVSS score of 6.5.

  • SECURITYMay 23 · 01:11 UTCRECORDED FUTURE NEWS
    CISA to allow researchers to report vulnerabilities to exploited bugs catalog

    CISA announced a new nomination form that allows researchers, vendors, and industry partners to report vulnerabilities for inclusion in the Known Exploited Vulnerabilities catalog. This initiative aims to streamline the process of identifying and tracking bugs that are actively being exploited in the wild.

  • SECURITYMay 22 · 16:54 UTCHACKER NEWS
    Lawmakers Demand Answers as CISA Tries to Contain Data Leak

    CISA (Cybersecurity and Infrastructure Security Agency) is managing a data breach while lawmakers request transparency and accountability regarding the incident. The data leak has drawn significant congressional attention and scrutiny.

  • SECURITYMay 22 · 05:47 UTCTHE HACKER NEWS
    CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV

    CISA added two actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2025-34291 in Langflow (CVSS 9.4) and a flaw in Trend Micro Apex One. These security flaws have been identified as actively exploited in the wild.

  • SECURITYMay 19 · 21:19 UTCCYBERSCOOP
    Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches

    Attackers exploited vulnerabilities in over 22,000 breaches analyzed by Verizon, making exploits the top initial access vector, with a surge in exploited vulnerabilities during a one-year period ending in October 2025. Exploited defects accounted for 31% of all known initial access vectors. Ransomware accounted for 48% of all breaches last year, up from 44% in 2024.

  • SECURITYMay 19 · 19:49 UTCDARK READING
    CISA Exposes Secrets, Credentials in 'Private' Repo

    The Cybersecurity and Infrastructure Security Agency's GitHub repository was publicly available since November 2025 and contained secrets and credentials despite being named 'Private-CISA'. This exposure is a significant security concern. The agency's mistake has raised questions about its ability to protect sensitive information.

  • SECURITYMay 19 · 07:45 UTCHACKER NEWS
    CISA Admin Leaked AWS GovCloud Keys on GitHub

    A CISA administrator leaked AWS GovCloud keys on GitHub, potentially compromising sensitive information. The leak was reported on a security website and discussed on a news forum. The incident highlights the importance of secure key management.

CISA · Dossier · The Nexus